Get the most out of the Checkmarx integration with GitLab
Blog post from GitLab
In the 2020 Global DevSecOps survey, 65% of organizations reported shifting security left, yet fewer than 20% had developers accessing SAST or DAST scans in their pipelines or IDEs. Security professionals expressed frustration over developers finding too few bugs too late. James Brotsos from Checkmarx presented a solution at a virtual user conference, demonstrating the integration of Checkmarx's security testing platform with GitLab using CxFlow, a spring boot application. This integration enables early application security testing directly within the development process, freeing developers to focus on coding while still maintaining governance and scanning capabilities. The customizable integration allows developers to initiate scans via GitLab CI/CD, merge requests, or pushed code, creating an efficient feedback loop without manual intervention. Developers can receive actionable results through various channels like GitLab's security dashboard or Jira, enhancing defect tracking and management. The process involves setting up global variables for Checkmarx server access and separating Checkmarx stages from the existing GitLab CI file to avoid disruption, facilitating quick and automated scanning of multiple repositories with minimal overhead.
No tracked trend matches for this post yet.
Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.